14Fraud Management in Siebel Communications

Fraud Management in Siebel Communications

This chapter describes the procedures for managing and responding to fraud alerts. It includes the following topics:

• About Fraud Management in Siebel Communications

• Scenario for Using Fraud Management in Siebel Communications

• Viewing Fraud Alerts in Siebel Communications (End User)

• About Following Up with the Customer for a Fraud Alert

• Changing Fraud Thresholds in Siebel Communications (End User)

• Updating the Fraud Alert in Siebel Communications (End User)

• Additional End-User Tasks for Fraud Management in Siebel Communications

About Fraud Management in Siebel Communications

Fraud occurs when someone uses a service to defraud a consumer, business, or service provider by obtaining free services or services that the individual concerned is not entitled to. Some of the more common methods and indicators of fraud follow:

• Cloning of mobile phones

• Stolen phones

• Unauthorized third-party charging of calls

• Stolen or fraudulently obtained calling cards and PINs

• Bills returned in the mail with a claim that the customer is not at that address.

Fraud can be identified in various ways. For example, a consumer might identify fraud on a bill, noting charges for services that were not requested or used. Alternatively, a service provider might identify irregular calling patterns that can indicate fraud.

Traditionally, companies have used legacy fraud management applications to identify and manage fraud. The fraud management process involves fraud alerts, warnings that a fraud might have been committed, which are generated by the fraud management application from an analysis of calling details. For example, an alert may be generated if the system detects calls originating from two different cities within a short time period. A common way to commit such a fraud is by cloning, illegally modifying a handset chip to send an identification signal for another, legal phone. This allows the owner of the illegal handset to make phone calls on the legal phone owner's account.

A fraud alert can also be generated by a breach of a fraud threshold. A fraud threshold is a value which, when exceeded, produces a fraud alert. For example, a customer may have a threshold limit of $250.00 per day for domestic calls.

The back-office application issues a fraud alert by placing the customer on a fraud list, a list of customer accounts that are suspected of or confirmed for fraud. The back-office application might generate multiple lists, classified by categories in descending order of the likelihood of fraud.

A back-office fraud management application usually has a front-office component, which is used to manage customer interactions related to fraud. Siebel Communications functions as the front-office application for managing fraud. Your company’s back-office fraud management applications send fraud lists toSiebel Communications for follow-up. Customer service representatives (CSRs) go through the lists and contact the customers to check if they made the calls that are the cause of the fraud alerts.

Fraud alerts indicate the type of fraud that might have occurred. For example, Exceeds Threshold is a fraud alert type that indicates that a predefined limit has been exceeded. Another fraud alert type, Stolen Handset, indicates that a customer's mobile phone has been stolen.

To help you resolve cases of suspected or obvious fraud, Siebel Communications allows you to view fraud lists, fraud alerts, fraud-related background information about accounts, and the history of fraud-related activities for an account.

Scenario for Using Fraud Management in Siebel Communications

This topic gives one example of how fraud management might be used. You might use fraud management differently, depending on your business model.

A CSR is responsible for handling fraud issues for all of your small and medium-sized customers. A business customer has a contract for mobile subscriptions for the firm’s employees. The owner is one of the mobile subscribers and is based in Rome.

The CSRs fraud management system notices that calls from the owner’s mobile phone have originated in San Francisco and Los Angeles within a span of a few minutes. This can only happen when a mobile phone has been cloned. The fraud management system generates a fraud alert for the customer’s account, with the fraud level set to Certain, the fraud type set to Invalid Calls, and fraud event set to Simultaneous Calls. The fraud management system also suspends the customer’s account pending customer confirmation. The fraud message and the associated call detail records (CDRs) are forwarded to Siebel Communications. The fraud system creates the alert and flags the account. Through integration with the third-party system, the fraud data is sent to the CSR’s Siebel application, and the account is flagged as fraudulent. The Siebel application creates a fraud alert and fraud alert details and updates the customer account with the fraud level.

Siebel Communications has been configured to generate an activity to contact the customer. The fraud alert appears in the customer service supervisor's queue by default, and the supervisor assigns the fraud alert to the CSR, who then examines the fraud alert and associated fraud alert details. The CSR also checks for any other fraud alerts raised against the customer’s account in the last 12 months to see if there is a history of fraud. This turns out to be the first fraud alert against this customer’s account.

The CSR looks up contact information for the customer in Siebel Communications and telephones the owner, who is listed as the primary contact for the customer account. The owner mentions that he has not been to Los Angeles for more than two years, and is certain that the phone has been in his control during this period. The CSR informs him that there may have been a fraudulent use of his telephone number, and that the CSR will need to provide him with another telephone number. The customer agrees to take his handset to the nearest dealer who will help him with this process. The CSR updates the fraud alert's status and attaches appropriate comments.

Siebel Communications transmits this information to the fraud management system. The CSR’s fraud management department then starts its formal investigation.

The following image shows a possible sequence for managing fraud, which includes the following steps:

1. Examine fraud alert.

2. Display fraud alert details.

3. Attempt to contact the customer.

   1. If successful in contacting the customer:

      • Discuss suspected fraud.

      • Change thresholds or disconnect customer.

   2. If unable to contact the customer, then disconnect the customer.

4. Update fraud alert.

Viewing Fraud Alerts in Siebel Communications (End User)

When a back-office application flags an account for fraud, Siebel Communications receives a fraud alert and fraud alert details.

In the course of investigating fraud, end users review the fraud alert to determine the type of fraud that might have occurred. End users then discuss the fraud alert details, which contain the specific data alleged to be fraudulent, with the customer.

Viewing Fraud Alerts

To view a fraud alert, follow this procedure.

To view a fraud alert

1. Navigate to the Fraud Management screen, then the Fraud Alert List view.

   Some fields in the list are described in the following table.

   Field	Comments
   Fraud Event	Displays the condition that indicates suspected fraud. The value in this field depends on the value in the Fraud Type field.
   Alert #	Displays an alert number that is automatically generated.
   Threshold Overflow	Displays the quantity by which the account’s threshold level is exceeded.
   Owner	Displays the primary person assigned to this account for fraud management purposes. This person is responsible for customer follow-up to determine whether fraud occurred.

2. Drill down on the alert number of the fraud alert.

Viewing Fraud Alert Details

To view fraud alert details, follow this procedure.

To view fraud alert details

1. Navigate to the Fraud Management screen, then the Fraud Alert List view.

2. Drill down on the alert number of the fraud alert.

3. Click the Event Details view tab.

   An Account form appears with the Event Details list. The Event Details list displays detailed information about the selected alert. This information typically includes the call detail records associated with the suspected fraudulent calls. Some fraud alerts (for example, Stolen Handset) might have no associated fraud alert details.

   Some fields in the Event Details list are described in the following table.

   Field	Comments
   Number Location	Displays the geographical location of the number dialed in a suspected fraudulent call.
   Date/Time	Displays the date and time of the event.
   Number Called	Displays the number dialed in a suspected fraudulent call.
   Length	Displays the length of the service in seconds.
   Rate	Displays the name of the rate plan used to calculate the charge (for example, Peak, Off-Peak, Standard, Economy, or International).
   Charge	Displays the charges for the service from the Charge dialog box.

About Following Up with the Customer for a Fraud Alert

End users might establish contact with the customer. Your company might have a business rule that determines how many times end users must attempt to contact the customer.

If repeated attempts to contact the customer fail, then end users can disconnect the customer’s service. Your company can configure Siebel Communications to send a message to this effect to the back-office application. Workflow Processes might be used for this configuration.

Changing Fraud Thresholds in Siebel Communications (End User)

End users can change thresholds in the fraud profile, if necessary. For example, if a breach of a credit threshold generated the fraud alert, then the customer can request a higher threshold. If this request is granted, then it might cancel the fraud alert.

To change a fraud threshold

1. Navigate to the Fraud Management screen, then the Fraud Alert List view.

2. Drill down on the account name of the fraud alert.

3. In the Fraud Account Profile form, change one or more of the fields.

   For information about the fields in the Fraud Account Profile form, see Profiles in Siebel Communications.

Updating the Fraud Alert in Siebel Communications (End User)

End users can indicate that some action has been taken by adding comments or by changing other fields in the fraud alert record, such as its status, priority, or owner.

To update a fraud alert

1. Navigate to the Fraud Management screen, then the Fraud Alert List view.

2. Select a fraud alert record.

3. In the Fraud Alert record, complete the necessary fields.

Additional End-User Tasks for Fraud Management in Siebel Communications

This topic contains information about another task related to fraud management.

Disconnecting Service

If necessary, end users can disconnect a customer’s service because of the nature of the alert, a discussion with the customer, failure to contact the customer, or the company’s policy. Depending on the severity of the alert, part or all of the customer’s services (for example, international dialing) might already have been disconnected by the back-office application.

If your company has configured the Fraud Activities types to include Service Disconnect, then end users can add this activity to a fraud alert. For information about disconnecting a service, see Siebel Order Management Guide Addendum for Communications.